Cyber Incident Victim: Verge Cryptocurrency
Date:
May 2018
Location:
United States of America
Summary
A hacker exploited a vulnerability in the Verge cryptocurrency's source code to manipulate mining timestamps, monopolizing operations and rapidly generating over 35 million XVG coins worth approximately $1.65 million. This occurred shortly after developers attempted to patch a similar April attack via a hard fork, which the attacker circumvented by leveraging multiple algorithms. The incident disrupted legitimate mining activities and triggered a 10% price decline due to both the attack's publicity and the sudden influx of newly minted coins. While no user funds were stolen, the network's integrity was compromised, prompting renewed efforts by developers to implement another fix.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On May 22, 2018, the Verge cryptocurrency (XVG) network experienced a second major attack exploiting vulnerabilities in its mining protocol. A hacker manipulated timestamps within the Verge source code to monopolize mining operations, enabling the rapid creation of new XVG coins over several hours. This attack circumvented patches implemented after a similar April 2018 incident, where developers had executed a hard fork to reverse illicit gains. The attacker leveraged two mining algorithms to manipulate block timestamps, effectively delaying or invalidating legitimate miners' efforts while accelerating their own coin production. Community analysis on BitcoinTalk forums and Reddit indicated the hacker mined approximately 35 million XVG during the breach, equivalent to $1.65 million at prevailing exchange rates. Verge developers initially misinterpreted the attack as a distributed denial-of-service (DDoS) targeting mining pools before confirming the protocol exploitation.
The attack's primary impact centered on network integrity rather than direct theft from user wallets. Legitimate mining operations were disrupted through timestamp manipulation, rendering substantial computational efforts unproductive. Market reactions precipitated a 10% decline in XVG's value, driven by both the attack disclosure and the sudden influx of fraudulently minted coins. Verge's development team initiated patch development upon confirming the attack's nature but had not finalized plans for another hard fork to reverse illegitimate transactions at the time of reporting. The incident highlighted persistent vulnerabilities despite prior remediation attempts, with community critics noting the April patch constituted only a temporary fix. Financial losses were confined to mining inefficiencies and market depreciation, with no compromise of individual user accounts or private keys reported.